Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.
Find out if you have vulnerabilities that put you at risk Test your code
Vulnerability Affects Type Published
  • M
Cross-site Scripting (XSS)
league/commonmark >=0.15.6, <0.18.1 Composer 10 Feb, 2019
  • M
Broken CORS (Cross-Origin Resource Sharing)
yiisoft/yii2 <2.0.16 Composer 10 Feb, 2019
  • M
Cross-site Scripting (XSS)
modx/revolution <=2.7.0 Composer 06 Feb, 2019
  • M
Incorrect Access Control
api-platform/core <2.3.6 Composer 05 Feb, 2019
  • H
Deserialization of Untrusted Data
mpdf/mpdf <7.1.8 Composer 04 Feb, 2019
  • H
Arbitrary Code Execution
drupal/drupal >=7.0.0, <7.6.2,>=8.5.0, <8.5.9,>=8.6.0, <8.6.6 Composer 04 Feb, 2019
  • H
Arbitrary Code Execution
drupal/core >=7.0.0, <7.6.2,>=8.5.0, <8.5.9,>=8.6.0, <8.6.6 Composer 04 Feb, 2019
  • M
Cross-site Scripting (XSS)
croogo/croogo >=0.0.0 Composer 29 Jan, 2019
  • H
SQL Injection
phpmyadmin/phpmyadmin >=4.5.0, <4.8.5 Composer 26 Jan, 2019
  • H
Arbitrary File Read
phpmyadmin/phpmyadmin >=4.0.0, <4.8.5 Composer 26 Jan, 2019
  • M
Information Disclosure
typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Broken Access Control
typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS)
typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS)
typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS)
typo3/cms-core >=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Arbitrary Code Execution
typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Security Misconfiguration
typo3/cms-core >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Broken Access Control
typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Information Disclosure
typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS)
typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS)
typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Cross-Site Scripting (XSS)
typo3/cms >=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Arbitrary Code Execution
typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • H
Security Misconfiguration
typo3/cms >=8.0.0, <8.7.23,>=9.0.0, <9.5.4 Composer 22 Jan, 2019
  • M
Access Control Bypass
api-platform/core >=2.2.0, <2.2.10,>=2.3.0, <2.3.6 Composer 20 Jan, 2019
  • M
Arbitrary Code Injection
woocommerce/woocommerce <3.2.4 Composer 16 Jan, 2019
  • M
Remote Code Execution (RCE)
pear/archive_tar <1.4.4 Composer 15 Jan, 2019
  • H
Information Exposure
studio-42/elfinder <2.1.45 Composer 14 Jan, 2019
  • H
Directory Traversal
topthink/think <1.0.0 Composer 14 Jan, 2019
  • H
Server Side Request Forgery (SSRF)
studio-42/elfinder <2.1.46 Composer 14 Jan, 2019